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DETAILED ACTION 
Claim Rejections • 35 USC § 101 

1. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement tfiereof, may obtain a patent thierefor, subject to the 
conditions and requirements of this title. 

2. Claims 1 5- 21 are rejected because the claimed invention is directed to non- 
statutory subject matter. In this case, the recording means is being defined as 
transmission media, which can include signals that pass through the air which is in a 
non statutory category. Paragraph 0025, line 12. 

Claim Rejections • 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1, 8, 15, 2, 9, 16, 4, 11, 18, 5, 12, and 19 are rejected under 35 U.S.C. 
103(a) as being unpatentable over McPherson (US patent 6944167) in view of Alkhatib 
et al, hereinafter referred to as Alkhatib (US publication 2004/0044778 A1 ) 

Regarding claims 1, 8, and 15: . 

McPherson discloses a client system communicatively connected to a public 
network (Column 4, lines 40-41 discloses "a request from a host external to the private 
network (i.e. located in the public network)"; a NAT device accessible to said public 
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network and accessible to at least one NAT data processing system located in a NAT 
enabled network behind said NAT device (abstract, lines 3-8 disclose a network 
address translator being queried from an external client for an address of ariother host 
behind a NAT device), method, system, recording medium, and product with means 
(Column 3, lines 15-21), for accessing a data processing system behind a network 
address translation (NAT) enabled network, comprising: querying, from a client system 
located outside a NAT enabled network ("request generated external to the private 
network" abstract, lines 3-4), a NAT device for an address of a NAT data processing 
system located behind said NAT enabled network (Figure 2C 282 shows a request 
query to a network address translator for an address of a computer behind NAT); 
automatically routing said query through said NAT device to a DNS server, wherein said 
DNS server returns an address for said NAT data processing system for said NAT 
device (Figure 2C shows the Network Address Translator replying to a DNS server, and 
the DNS server returns an address to the "requesting host" Column 2, line 31 ); and 
sending packets, from said client system to said NAT data processing system at said 
address, such that said NAT data processing system behind said NAT enabled network 
is directly accessed by said client system from outside said NAT enabled network. ("The 
requesting host can then use this returned public network address for communicating 
with the private network host." Abstract, lines 11-12.) McPherson discloses all the 
limitations as disclosed above except for sending with source routing. 
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Alkhatib teaches source routing (paragraph 0150 line 12) through a NAT device, 
(paragraph 0150 lines 24-25 discloses "data can flow between hosts A and C... through 
NAT...."). 

The general concept of providing source routing through a NAT device is well 
known in the art as illustrated by Alkhatib who discloses source routing through a NAT 
device in an accessing method, system, and product with means. 

It would have been obvious for one of ordinary skill in the art at the time of the 
invention to modify McPherson to include the use of source routing through NAT in his 
advantageous method as taught by Alkhatib in order to fonA^ard "the communication to 
the entity inside the private" network as stated by Alkhatib in his abstract, last two lines. 

Regarding claims 2, 9, and 16: 

McPherson discloses the method, system, and product with means for accessing 
a data processing system behind a NAT enabled network, wherein said querying a NAT 
device for an addresses of a NAT data processing system further comprises: receiving 
a user request to establish a connection with a particular domain name, wherein said 
domain name identifies said NAT data processing system ("receiving the domain name 
service query from a requesting host for the public address of the private network host." 
Column 3, lines 24-25, and "a requesting host desiring access to a host within a private 
network" Column 2, lines 31-31 which implicitly disclose the establishment of the 
connection) and sending a DNS query of said domain name to said NAT device ("The 
domain name server queries a network address translator of the private network" 
abstract, lines 7-8). 
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Regarding claims 4, 1 1 , and 18: 

McPherson discloses the method, system, and product with means for accessing 
a data processing system behind a NAT enabled network wherein automatically routing 
said query through said NAT device to a DNS server, further comprises: automatically 
routing said query through said NAT device for handling DNS queries. (Figure 1 shows 
how the public host external to the NAT device must go through the NAT router to get to 
the DNS). McPherson discloses all the limitations as disclosed above except for using 
a pre-selected NAT port. 

Alkhatib uses a pre-selected NAT port. (Paragraph 0050 last two lines, and line 
5, next page same paragraph, discloses that a look up table containing the NAT port 
number is used for connections.) 

The general concept of using a preselected port number of a NAT device is well 
known in the art as illustrated by Alkhatib who discloses the preselected port number of 
a NAT device in an accessing method, system, and product with means. 

It would have been obvious for one of ordinary skill in the art at the time of the 
invention to modify McPherson to include the use of a preselected port number in his 
advantageous method as taught by Alkhatib in order to fonvard "the communication to 
the entity inside the private" network as stated by Alkhatib in his abstract, last two lines. 

Regarding claims 5, 12, and 19: 

McPherson discloses the method, system, and product with means for accessing 
a data processing system behind a NAT enabled network wherein automatically routing 
said query through said NAT device to a DNS server, further comprises: automatically 
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routing said query to said DNS server tliat stores at least one private address for at 
least one private system located behind said NAT enabled network and for said NAT 
device. (Claim 7 first paragraph discloses a DNS server with a private address field for 
the private network host. Claim 7 second paragraph discloses that the NAT device also 
has a private address field.) McPherson discloses all the limitations as disclosed above 
except for source routing. 

Alkhatib teaches source routing (paragraph 0150 line 12) through a NAT device, 
(paragraph 0150 lines 24-25 discloses "data can flow between hosts A and 0... through 
NAT...."). 

The general concept of providing source routing through a NAT device is well 
known in the art as illustrated by Alkhatib who discloses source routing through a NAT 
device in an accessing method, system, and product with means. 
It would have been obvious for one of ordinary skill in the art at the time of the invention 
to modify McPherson to include the use of source routing through NAT in his 
advantageous method as taught by Alkhatib in order to forward "the communication to 
the entity inside the private'! network as stated by Alkhatib in his abstract, last two lines. 
5. Claims 3, 10, and 17 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over McPherson and Alkhatib, as applied to claims 1 ,8 and 15, and further in view of 
Dalgic et al, hereinafter referred to as Dalgic (US patent 6925076) and the Unix manual 
pages (http://web.archive.org/web/20020102131755/http://www.scit.wlv.ac.uk/cgi- 
bln/mansec?4+resolv.conf) 

Regarding claims 3, 10, and 17: 
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McPherson discloses the method, system, and product with means for accessing 
a data processing system behind a NAT enabled network, wherein said querying a NAT 
device for an addresses of a NAT data processing system further comprises: sending, 
from said client system, a DNS query for a domain name of said NAT data processing 
system to a first address (McPherson discloses that a DNS query is sent to request an 
address of a NAT data processing system, as well as the DNS being configured for 
providing for address fields Claim 1 , lines 55-65, and in addition figure 1 discloses an 
address for the domain name server network interface) and, sending, from said client 
system, said DNS query to a secohd address (Claim 1 , lines 7 discloses that the 
request for an address is sent to a Network address translator, and Figure 1 shows a 
different or second address for the network address translator than that of the DNS, 
wherein said second address is a location for said NAT device (Figure 1 discloses the 
NAT router with an address). McPherson discloses all the limitations as disclosed 
above except for responding to receiving a fail signal, and accessing a resolv.conf file. 

Dalgic teaches receiving a fail signal and responding to the fail signal. 
("Further, in some embodiments, a secondary gate controller can send a message to 
the edge router indicating the failure of the gate controller. The edge router can update 
the call state information after receiving the message..." Column 2, lines 51-53) 

The general concept of responding to a fail signal is well known in the art as 
illustrated by Dalgic who discloses a fail signal in an H.323 system which does network 
address translation. It would have been obvious for one of ordinary skill in the art at the 
time of the invention to modify McPherson of his NAT system, method, and medium in 
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as taught by Dalgic in order for the edge router to "suppoil a standard network address 
translation (NAT) protocol" as stated by Dalgic in Column 2, last two lines. 

The Unix Manual pages teaches accessing a resolv.conf file. (According to the 
man page for the resolv.conf file, "The resolver routines provide access to the Internet 
Domain Name System. The resolver configuration file contains information that is read 
by the resolver routines the first time a process calls them." First two paragraphs of the 
description of resolv.conf in man page.) 

The general concept of accessing a resolv.conf file is well known in the art as 
illustrated by the Unix manual page which discloses reading from a resolv.conf file in a 
routine that helps resolve domain names. It would have been obvious for one of 
ordinary skill in the art at the time of the invention to modify McPherson of his address 
translation method, system, medium, and product with means in his advantageous 
method as taught by the Unix manual page in order to "provide access to the Internet 
Domain Name system and provide various resolver information" as stated by the Unix 
manual page in the description section of the resolv.conf page, first page, first two 
paragraphs. 

6. Claims 6, 13, and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over McPherson (US patent 6944167) in view of Alkhatib et al, hereinafter referred to as 
Alkhatib (US publication 2004/0044778 A1) as applied to claims 1, 8, and 15, and 
further in view of Dalgic. 

Regarding claims 6, 13, and 20: 
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McPherson discloses the method, system, and product with means for accessing 
a data processing system behind a NAT enabled network further comprising: returning, 
from said DNS server, a plurality of addresses (Since a "set of public addresses is 
shared, with a public network address being dynamically allocated to a private network 
host" abstract, lines 12-15, a plurality of addresses is disclosed) of a plurality of parallel 
data processing systems to said NAT data processing system located behind said NAT 
enabled network (the figure in the abstract shows two such data processing systems 
1 97 and 1 98 behind a NAT network); and send packets to said NAT data processing 
system, sending packets to a first data processing system from among said plurality of 
parallel data processing systems at one of said plurality of addresses with source 
routing through said NAT device ("The requesting host can then use this returned public 
network address for communicating with the private network host." abstract, lines 1 1- 
12, and the figure in the abstract shows two private network hosts with two different 
addresses — a plurality of addresses.) 

McPherson discloses all the limitations as disclosed above except for responding 
to reception of a fail signal and source routing through a NAT device. 

Alkhatib teaches source routing (paragraph 0150 line 12) through a NAT device, 
(paragraph 0150 lines 24-25 discloses "data can flow between hosts A and C... through 
NAT...." ). 

The general concept of providing source routing through a NAT device is well 
known in the art as illustrated by Alkhatib who discloses source routing through a NAT 
device in an accessing method, system, and product with means. 
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It would have been obvious for one of ordinary skill in the art at the time of the 
invention to modify McPherson to include the use of source routing through NAT in his 
advantageous method as taught by Alkhatib in order to forward "the communication to 
the entity inside the private" network as stated by Alkhatib in his abstract, last two lines. 

Dalgic teaches receiving a fail signal and responding to the fail signal. 
("Further, in some embodiments, a secondary gate controller can send a message to 
the edge router indicating the failure of the gate controller. The edge router can update 
the call state information after receiving the message..." Column 2, lines 51-53) 
The general concept of responding to a fail signal is well known in the art as illustrated 
by Dalgic who discloses a fail signal in an H.323 system which does network address 
translation. It would have been obvious for one of ordinary skill in the art at the time of 
the invention to modify McPherson of his NAT system, method, and medium in as 
taught by Dalgic in order for the edge router to "support a standard network address 
translation (NAT) protocol" as stated by Dalgic in Column 2, last two lines. 
7. Claims 7, 14, and 21 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over McPherson in view of Alkhatib et al, hereinafter referred to as Alkhatib (US pub 
2004/0249974 A1) 

Regarding claims 7, 14, and 21: 

McPherson discloses all the limitations of the method, system, and product with 
means for accessing a data processing system behind a NAT enabled network except 
for: authenticating an identity of a user at said client system; only allowing access to 
said NAT data processing system if said authenticated identity of said user matches one 
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of a plurality of authenticated users enabled to access systems behind said NAT 
enabled network. 

Alkhatib teaches a user authentication with a NAT enabled network. (Paragraph 
0108 line 5, discloses that the members are behind a NAT device and paragraph 0131 
discloses a user authenticator. Paragraph 1008 discloses that "Policies are used to 
allow or deny access to individual machines, services, or other users." last sentence) 

The general concept of providing a user authenticator for entities to access 
systems behind a NAT device is well known in the art as illustrated by Alkhatib who 
discloses a user authentication in a NAT system. 

It would have been obvious for one of ordinary skill in the art at the time of the 
invention to modify McPherson to include the use of a user authenticator in his 
advantageous method as taught by Alkhatib in order to "enable the rapid creation of a 
secure means that allows local and remote specified entities to communicate..." as 
stated by Alkhatib in paragraph 0005, lines 8-10.) 

Conclusion 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Joan B. Naurot Ton whose telephone number is 571- 
270-1595. The examiner can normally be reached on M-Th 9 to 6:30 (flex sched) and 
alt Fridays off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nathan Flynn can be reached on 571-272-1915. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

JBNT 

06/25/2007 
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